The recent takedown of the relatively small Kelihos botnet and the subsequent civil suit raised by Microsoft was the first ever in which some of the defendants were specifically named: Dominique Alexander Piatti and the company dotFREE Group s.r.o.

After having initially declined to comment the suit until he has the chance to consult with his lawyer, Piatti and the company have eventually decided to cooperate with Microsoft by voluntarily providing information and evidence that convinced the company that they did not control the subdomains used to host the botnet, which resulted in Microsoft dropping the suit both against them.

"As part of the settlement, Mr. Piatti has agreed to delete or transfer all the subdomains used to either operate the Kelihos botnet, or used for other illegitimate purposes, to Microsoft," wrote Richard Boscovich, Senior Attorney with Microsoft's Digital Crimes Unit. "Additionally, Mr. Piatti and dotFREE Group have agreed to work with us to create and implement best practices to prevent abuse of free subdomains and, ultimately, apply these same best practices to establish a secure free Top Level Domain as they expand their business going forward."

On its site, the dotFree company has confirmed that "the controllers of the Botnet found a way to abuse a popular free subdomain provider (http://cz.cc also developed by dotFree's founders), and were using those domains as a part of their operations."

"As a provider of free service we were always concerned by the potential for abuse, and learned (sometimes the hard way) that security should never be underestimated," it says in the statement. "No one wants to be handed a thick binder by a stranger at your nearby coffee shop saying 'Microsoft is suing you'!"

The suit against the 22 John Does still remains open, and Microsoft has now focused its investigation on uncovering them.

Spotlight

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Learn about personal data bankruptcy and the cost of privacy, security and compliance, delivering digital security to a mobile world, and much more.

As ISPs, hosting providers and online enterprises around the world continue suffering the effects of DDoS attacks, often the discussions that follow are, “What is the best way to defend our networks and our customers against an attack?”

The code redirects visitors to another URL where the Fiesta exploit kit is hosted, which then tries to detect and exploit several vulnerabilities in various software. If it succeeds, the visitors are saddled with a banking Trojan.

Looking for an Android-based tablet for your child but don't know which one to choose? If you are concerned about the device's protection against random hackers, Bluebox Security has just released a review of the nine most popular Android tablet models aimed specifically at children.